[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Need for scanner to become a maintainer?

On Sun, Aug 13, 2000 at 04:37:57AM +0200, goswin.brederlow@student.uni-tuebingen.de wrote:
> Theres been a long discussion about the passport stuff, but if I
> remember the old notes on hot to become a maintainer right there was
> allways the option to send a copy of the passport via good old mail.

I "remember" further back. I wasn't obligated to provide a picture of
myself. I refused to even provide a telephone number unless I knew
who was going to have it and unless I was able to crypt it to them.

> And don't tell me you have no copy maschine near you.
> Or what about faxing it to a maintainer (which would need a copy
> first, because passports usually dont bend good, but still).

Or what about figuring out what the hell Debian needs the image for?

Is it for identification? No. The image can be readily forged so
isn't for identification. In fact anyone submitting a picture of
themselves should modify it so that it differs from the original
so the the same image can not be used by anyone else for other 
neferious purposes.

What about authentication? No. Signed public keys do a much better job.

Debian needs an image from maintainers because it needs an image for
new maintainers. 

That's all. That's it. Repeat that sentence over and over and the
reason should become clear to you.

You can bet in a short while that all developers
will need an image. Why? Because the majority would have their image
on file - why shouldn't everyone? (Dale he said that is a one of his
goals. I just wish the rest of the developers had a chance to decide
this by voting first).

> A birth certificate would be just as good, wouldn't it and those are
> normal paper? Get one and fax it to the person handling you
> application and I'm sure that would be enough.
> Care should be taken to choose maintainers that recieve their fax on
> the computer, so it can be used directly without another quality loss
> by scanning.
> I think it is good that Debian has some legal document for each
> maintainer. Just in case some legal instance drops in (like the FBI)
> and wants to shutdown Debian because Maintainer Foo hacked their site,
> Debian can proof the identity of Foo.

1. Debian is supposudly represented by SPI.
2. SPI does not keep these images on file.

Having the image helps nada in this instance. 

> It makes people think twice before going through the trouble of
> becoming maintainer.

No, it means that those peoople who apply are self-selecting.

Those who aren't comfortable with A. Random Developer having a copy
of an "appropriate piece of photo-identification" on who knows how 
many computers, should obviously not apply.

Those who can't fathom what use an image is for, or why they should
buy a scanner to apply to a project should not apply.

Those who can get another developer to sign their key but don't have
the interest to scan a picture of themsevles (I mean, scanning IS a 
fundamental ability that *every* Debian developer must know how to do)
need not apply.

Obviously if you can't scan an image of yourself you can't be sincere or
interested in the project. Obviously if you aren't prepared to provide
a picture of yourself you can't be sincere. I mean, we all have put our
address and phone numbers into db.debian.org, right?

Thanks for reminding me about this thread Goswin.


Reply to: